(54) Protecting against the unauthorised use of software in a computer network

(57) The present invention provides to a software application the verification
and licence check out functions which are normally performed by a licence
server. The encrypted licence information is contained in a licence token, and
is stored in a database 17 controlled by the licence server 15. In contrast to
the prior art where the server either grants or denies the request after
verifying the user's credentials, the server in the preferred embodiment of the
present invention finds the correct licence token for the software application
and transmits the token to a licensing library. A licence access module
attached to the application decodes the token. Routines in the licensing
library coupled to the software application verify the licence information
before issuing the licence and updating the token. The access module then
encodes the updated token before returning it to the server. Because the
verification and issuing function of a token are performed by a software
application, the application rather than the server becomes the point of attack
by unauthorised users. Reverse engineering the access module is less rewarding
than attacking the server because the module reveals the contents of a small
fraction of a database of licences.

METHOD FOR PROTECTING AGAINST THE UNAUTHORIZED USE
OF SOFTWARE IN A COMPUTER NETWORK ENVIRONMENT

BACKGROUND OF THE INVENTION

1. FIELD OF THE INVENTION

The present invention relates to a method for protecting against the
unauthorized use of a software application in a computer network environment.

2. ART BACKGROUND

A computer network is typically an interconnection of machines or agents over
links or cables. The open access characteristics of a computer network present
opportunities for the unauthorized copying of software, thus eroding the
licensing revenue potential of software developers. Traditionally, either the
entire network must be licensed (commonly referred to as a site license), or
each node where the software is run must be licensed (commonly referred to as a
node license). A node refers to a single machine, agent or system in a computer
network. A license is an authorization given by a software developer to a
customer to use a software application in a specific manner.

A site license lets all users at a designated location or network use the
software application, regardless of their position on the network. This
flat-fee approach is an overkill for a low usage software application. A node
license not only ties a software application to a particular machine in a
network, but also is not cost effective for the infrequent use of a software
application. See, for example, U.S. Patent No. 4,688,169. Furthermore, if new
users of licensed nodes wish to use the software application, they are often
required to purchase additional licenses.

An alternative to a site license or a node license is the concept of a
concurrent usage license. A concurrent usage license restricts the number of
users allowed to use a software application at any given time, regardless of
their location on the network. Just as renters check out available copies of a
movie video from a video rental store, users on a network check out a software
application from an agent on a first-come-first-serve basis. Thus, a concurrent
usage license charges a fee for the use of a software application proportional
to its actual use.

Methods to license a software application for concurrent use in a network
environment are currently offered by Highland Software, Inc. and Apollo
Computer, Inc. See M. Olson and P. Levine, "Concurrent Access Licensing", Unix
Review, September 1988, Vol. 6, No. 9. In general, the license for a software
application is stored in a database controlled by a license server. A license
server is a program that not only stores the license, but also verifies the
user's credentials before checking out the license to the authenticated user.
To protect against unauthorized use, these methods to license concurrent usage
rely on secured communications such as public/private key encryption. Under
public/private key encryption, each user of the system has two keys, one of
which is generally known to the public, and the other which is private. The
private transformation using the private key is related to the public one using
the public key, but the private key cannot be computationally determined from
the public key. See Denning, D., Cryptography and Data Security,
Addison-Wesley, 1982. The encryption key is hidden in the license server to
encrypt the database of licenses. Well designed public/private key encryption
schemes are difficult to crack, especially if the license server is located in
a trusted environment. A trusted environment is one whose access is limited to
users having the proper credentials. However, a license server is more likely
to be located at a customer's site and hence in a hostile environment. It
follows that the license server is vulnerable to sophisticated intruders. Once
the private key is decrypted, all sensitive information on the license server
such as licenses are compromised.

It is therefore an object of the present invention to provide a more secure
method to protect against the unauthorized use of software in a concurrent use
licensing environment.



SUMMARY OF THE INVENTION

The present invention provides to the software application the verification
and license check out functions which are normally performed by a license
server. The preferred embodiment of the present invention comprises a computer
network including a plurality of agents running at least one license server and
at least one software application. The license server controls a database of
an agent containing the license information for the software application. The
license information is contained in a license token, and is stored in the
database controlled by the license server. The license token is a special bit
pattern or packet which is encrypted by the software vendor of the application
software. The software application communicates with the license server
through a licensing library. The licensing library is a collection of library
routines that the software application invokes to request or renew a license
from the license server. Before a software application obtains a license, the
license token must be decoded by a license access module. The license access
module, which is linked with the software application and the licensing
library, is a program that decodes the license token from a vendor specific
format to a licensing library format.

When a user wishes to run a software application, the licensing library
invokes a call to request a license token from the license server. In contrast
to the prior art where the license server either grants or denies the request
after verifying the user's credentials, the license server in the preferred
embodiment of the present invention finds the correct license token for the
software application and transmits the license token to the licensing library.
The license access module attached to the licensing library decodes the
licensing token. Routines in the licensing library coupled to the software
application verify the license information before checking out the license and
updating the license token. The license access module encodes the updated
license token before returning it to the license server.

Because the verification and check out function of a license token are
performed by a software application, the software application rather than the
license server becomes the point of attack by unauthorized users. Reverse
engineering the license access module is less rewarding than attacking the
license server because the license access module reveals the contents of a
fraction of a database of licenses. By the time most attackers crack the
license access module, the software vendors would most likely introduce newer
versions of the software application and new license access modules for them.
Thus the present invention provides a more secure method for protecting
against the unauthorized use of a software application in a computer network
environment without modifying the underlying computer network.

BRIEF DESCRIPTION OF THE DRAWINGS

Figure 1 illustrates a network environment employing the present invention.

Figure 2 describes the architecture of a network licensing scheme employing
the preferred embodiment of the present invention.

Figure 3 describes the installation of a license token in the preferred
embodiment of the present invention.

Figure 4a illustrates the use of a license token to request a license from a
license server in the preferred embodiment of the present invention.

Figure 4b illustrates the use of a license token to renew a license from a
license server in the preferred embodiment of the present invention.

Figure 4c illustrates the use of a license token to release a license from a
license server in the preferred embodiment of the present invention.

NOTATION AND NOMENCLATURE

The detailed description that follows is presented largely in terms of
algorithms and symbolic representations of operations on data bits and data
structures within a computer memory. These algorithmic descriptions and
representations are the means used by those skilled in the data processing
arts to most effectively convey the substance of their work to others skilled
in the art.

An algorithm is here, and generally, conceived to be a self-consistent
sequence of steps leading to a desired result. These steps are those requiring
physical manipulation of physical quantities. Usually, though not necessarily,
these quantities take the form of electrical or magnetic signals capable of
being stored, transferred, combined, compared, and otherwise manipulated. It
proves convenient at times, principally for reasons of common usage, to refer
to these signals as bit patterns, values, elements, symbols, characters, data
packages, or the like. It should be borne in mind, however, that all of these
and similar terms are to be associated with the appropriate physical
quantities and are merely convenient labels applied to these quantities.

Further, the manipulations performed are often referred to in terms, such as
adding or comparing, that are commonly associated with mental operations
performed by a human operator. No such capability of a human operator is
necessary, or desirable in most cases, in any of the operations described
herein that form part of the present invention; the operations are machine
operations. Useful machines for performing the operations of the present
invention include general purpose digital computers or other similar devices.
In all cases there should be borne in mind the distinction between the method
of operations in operating a computer and the method of computation itself.
The present invention relates to method steps for operating a computer in
processing electrical or other (e.g. mechanical, chemical) physical signals to
generate other desired physical signals.



The present invention also relates to an apparatus for performing these
operations. This apparatus may be specially constructed for the required
purposes, or it may comprise a general purpose computer as selectively
activated or reconfigured by a computer program stored in the computer. The
algorithms presented herein are not inherently related to any particular
computer or other apparatus. In particular, various general purpose machines
may be used with programs written in accordance with the teachings herein, or
it may prove more convenient to construct a more specialized apparatus to
perform the required method steps. The required structure for a variety of
these machines will appear from the description given below.

DETAILED DESCRIPTION OF THE INVENTION

The following detailed description is divided into several sections. The first
of these sections describes a general network environment for accessing a
database of licensed software programs. Subsequent sections discuss the
details of a method for protecting against the unauthorized use of a software
application.

I. General Network Environment

Referring to Figure 1, computer network environment comprises a plurality of
data processing devices identified generally by numerals 10 through 10ⁿ
(illustrated as 10, 10' and 10"). These data processing devices may include
terminals, personal computers, workstations, minicomputers, mainframes and
even supercomputers. For the purposes of this Specification, all data
processing devices which are coupled to the present invention's network are
collectively referred to as "agents". It should be understood that the agents
may be manufactured by different vendors and may also use different operating
systems such as MS-DOS, UNIX, OS/2, MAC OS and others. Particular examples of
suitable agents include machines manufactured by Sun Microsystems, Inc.,
Mountain View, Calif. Each of the agents has an input device such as a
keyboard 11, 11' and 11" or a mouse 12, 12' and 12". As shown, agents 10
through 10ⁿ (illustrated as 10, 10' and 10") are interconnected for data
transfer to one another by a common cable 13. It will be appreciated by one
skilled in the art that the common cable 13 may comprise any shared media,
such as coaxial cable, fiber optics, radio channel and the like. Furthermore,
the network resulting from the interconnection of the cable 13 and agents 10
through 10ⁿ (illustrated as 10, 10' and 10") may assume a variety of
topologies, such as ring, star, bus, and may also include a collection of
smaller networks linked by gateways or bridges.

Also shown in Figure 1 is a license service 14. The license service 14 is a
resource shared by every agent connected to the network. In the preferred
embodiment of the present invention, the license service 14 comprises license
servers 15 through 15ᵐ (illustrated as 15, 15' and 15ᵐ) and databases 17
through 17ᵐ (illustrated as 17, 17' and 17ᵐ), where m is less than or equal to
n. A license server is a program that runs on an agent with a memory storage
capability. Each license server 15 (illustrated as 15, 15' and 15ᵐ)
communicates with a database 17 stored in memory on the agent over an
interface 16 (illustrated as 16, 16' and 16ᵐ). As will be described in detail
below, the database 17 stores licensing information for various software
applications which are purchased and authorized to run in the computer network
environment. The license server is not limited to run on a specific agent, but
can operate on any agent including the agent on which the user is to operate
the application. Thus, any agent connected to the network may function as a
license server as well as a device on which a user may operate application
software. As will be described below, the license server does not perform
verification of licenses of application software; rather the license server is
passive and provides storing, locking, logging, and crash recovering function
for the application software.

Figure 2 illustrates the architecture of a network licensing scheme of the
present invention. The architecture comprises a database 18, database
interface 19, license server 20, licensing library 24, license access module
27, license administration tool 21, license service binder 29, and license
production tool 34.

The database 18 stores licensing information and application usage data.
Preferably the database 18 comprises a plurality of records which contain the
following information:

Database Element                 Description
-------------------------------  --------------------------------
Unique Key Table                 Keys for all other tables
Vendor Table                     Vendor's ID and name
Product Table                    Product number and name
Version Table                    Version number and date
License Table                    License #, exp date, total units
License Token Table              Stores encoded license token
Unit Group Table                 A group's allocation of license
Group List Table                 Name of the group
Allowed Users Table              Credentials of allowed users
Current License Use Table        Applications using a license
Lock Table                       Locked records in database
Authorized Administrator Table   Login names of administrators
License Operation Log Table      Administrator's log information
License Usage Log Table          Request handle plus Client Log
License Queue Log Table          License wait queue
Application Message Log Table    Application specific messages


A database interface 19 provides communication between the license server 20
and the database 18 in order to prevent concurrent access to the same database
record by multiple users which can cause the data in the record to become
corrupted. Thus, only the owner of the lock can read from and write to the
locked record during the usage of the application.

The license server 20 operates on an agent and interfaces the database 18 to
license administration tool 21, licensing library 24 and license service
binder 29. The license server 20 communicates with the license administration
tool 21, licensing library 24 and license service binder 29 via an interface
23. Preferably the interface 23 is a remote procedure call mechanism which
permits a process operating on one device or agent connected to the network to
request a resource or service from a remote device or agent connected to the
network. See A. Birrell and B. Nelson, "Implementing Remote Procedure Calls,"
ACM Transactions on Computer Systems, February 1984, Vol. 2, No. 1.

Multiple license servers may reside on multiple agents. Preferably the license
server 20 operates in a background mode of the agent such that its operation
is transparent to a user of that agent. More particularly, as will be
described below, the license server 20 provides the following functions: (1)
servicing the requests from the licensing library 24 for license token; (2)
maintaining a wait queue for requests to the database 18 when no licensing
units are available; (3) generating locks for exclusive access to database 18;
and (4) providing access to information in the database 18.

The licensing library 24 is a set of library routines which enable the
application 26 to request licensing service from the license server 20. Upon
receiving the request for service from the licensing library 24, the license
server 20 retrieves a license token from the database 18 and transmits it to
the licensing library 24. The licensing library 24 is linked with the
application 26 and communicates with the license server 20 over a path 28
with, preferably, a remote procedure call mechanism 23. Among the major
library calls in the licensing library 24 is the application's request for a
license from the license server 20. Other important library calls include the
request to renew and to release a license. The use of the license token to
accomplish the request for the various licensing service will be described in
detail below.

The license access module (LAM) 27 is prepared by the software vendor 24 to
decode the license token. Once decoded, the application 26 via routines in the
licensing library verifies the licensing information in the license token and
determines whether a license may be checked out. The LAM 27 also encodes the
license token before the application returns it to the database 18 via license
server 20. The license access module 27 is described in further detail below.

The license administration tool 21 is utilized by the network administrator to
perform administrative functions relevant to the concurrent usage of a
software application. The license administration tool 21 may run on any agent
connected to the computer network. The license administration tool 21 is
primarily used to install the license token into the database 18 through the
license server 20. The functionality of the license administration tool 21
includes: (1) starting or terminating a license server; (2) accessing a
database controlled by a license server; and (3) generating and printing
reports on license usage.

The application 26 may not access the database 18 directly; rather, the
request for a license is made through the licensing library 24 to the license
server 20 over a path 28. Most network licensing schemes employ secured
communication between the licensing library 24 and the license server 20. In
contrast, the present invention uses the license access module (LAM) 27, the
license library 24 and a plurality of license tokens to protect against the
unauthorized use of software application in a computer network.

Referring once again to Figure 2, a license service binder 29 is shown coupled
to the license server 20 over a path 30. The license service binder 29 is
invoked by means known in the art such as a network service program. The
license service binder 29 locates all agents that are designated as servers on
the network, and keeps track of which server is servicing which application.
The license service binder 29 contacts each server on its table of available
servers and requests a list of products it serves. Finally the license service
binder 29 writes the contents of the table of available license servers and
the list of products into a binding file 32 over a path 31. In Figure 2, the
binding file 32 is coupled to the licensing library 24 over a path 33. The
application 26 queries the binding file 32 to see which license server can
service its request for a license.

A license production tool 34 is used by the software vendor to create a
license token for transmittal to the network administrator. Receiving the
license token, the network administrator installs it with the license
administration tool 21 into the database 18 through license server 20.

II. License Token

Referring to Figure 3, the creation of a license token in a computer network
employing the preferred embodiment of the present invention will be described.
A computer network 38 is shown coupled with a license administration tool 39
and a single license server 44. The license server 44 communicates with a
database 45. Applications 41, 42, and 43 are shown requesting licensing
service from the license server 44. When a customer purchases a license for an
application, such as a CAD/CAM program for its research and development
department, the software vendor creates a license token with a license
production tool, and delivers the license token to the customer's network
administrator. A license token is a special bit pattern or packet representing
a license to use a software application. The network administrator installs
the license token 46 into the database of the license server using the license
administration tool 39. Unlike the token used in a token ring which is passed
from agent to agent, a license token in the preferred embodiment of the
present invention is passed only between a license server and a licensing
library for a predetermined amount of time. The predetermined amount of time
corresponds to the time the license token is checked out of the license
server. Currently, the license token is checked out to an application for no
more than ten seconds, and the license token is returned as quickly as
possible to the issuing license server. The license token 46 contains
information encrypted in the vendor's format such as vendor identification,
product and version numbers as well as the number of license units purchased
for the license token. A license unit corresponds to the license weighting for
an agent connected to the computer network. For example, powerful workstations
could require more license units to use a software application than an average
personal computer.

The software vendor produces a license token using a license production tool
40. A path 47 illustrates how a license token 46' makes its way to a license
administration tool 39 at the customer's site. There, the system administrator
installs the license token 46' as license token 46 into the license database
45 of the license server 44. A path 48 indicates the transfer of the license
token 46' from the license administration tool 39 to the license server 44 and
into the database 45 as license token 46. The license server 44 is now ready
to entertain requests from applications 41, 42, and 43 for a license to use
the application corresponding to token 46 as well as other applications
represented in its database 45.

It should be understood that each network may have a plurality of license
servers and each license server may have in its database a plurality of
license tokens for a variety of software applications. Referring again to
Figure 3, if application A 41 requests and checks out the license token 46 for
less than ten seconds, applications B and C 42, 43 would be unable to check
out the license token 46 if their requests were made during the same time
application 41 is checking out a license from the license token 46 because of
the locking mechanism provided by database interface 19. Thus, to achieve
concurrent license usage in network 38, it is preferred that the network
administrator installs more than one license server. To minimize the task of
recovering from license server crashes, it is also preferred that the system
administrator spreads the license units for any one application among a
plurality of strategically located license servers. For instance, if a network
has four license servers, the network administrator may want to allocate the
twenty license units for a particular popular application among four license
tokens with five license units for each license token. In the event one
license server crashes or the license token is checked out, the other three
license servers may provide licensing service to other applications.

Figure 4a illustrates the use of a license token to request a license. As
shown, a network 50 is provided, and is coupled to Applications 52, 54 and 56
respectively. Application 56 succeeded in requesting a license token from the
license server 58 in step 59. The license token is transmitted to application
56 in step 60. When done, Application 56 returns the license token to the
license server 58 in step 61. Aside from the license request function
performed with the license token as shown in Figure 4a, the license token is
also used in other critical stages of the licensing process. For example, a
user may wish to run an application beyond the initial allocated time. As
shown in Figure 4b, Application 68 makes a license renewal request 71 from the
license server 70 with license token 72. Similarly, in Figure 4c the user
makes a license release request 83 when the application no longer needs the
license units. As such, the user updates the license token 84 by returning the
updated license token to the license server 62 in step 85.

III. License Access Module

In Figure 2, a license access module (LAM) 27 is linked with the application
26 and the licensing library 24 to form the executable code that software
vendors ship to the customers. The license access module 27 decodes and
encodes the encrypted license token as it is being passed between the license
server and the licensing library 24. Thus the level of security of an
application from unauthorized use depends heavily upon how secure the license
access module is.

Conventional network licensing schemes use public/private key encryption to
encode sensitive information. Such a scheme is effective if the license server
is in a trusted environment. However, the customer has the same access to any
agent in a network, including the license server. The security of the
licensing scheme can be compromised by a user who decrypts the license
server's private key. Once the unauthorized user determines the server's
private key, he can decrypt all sensitive information on the license server.
Should all license servers use the same key, as is frequently done, then all
the security of the applications served by all the license servers will be
compromised.

The license access module 27 first translates a license token from a vendor
specific format to a format usable by the licensing library 24. The license
access module accomplishes the translation in two modules. One module
translates or decodes a license token from a vendor specific format to a
licensing library format. The second module translates or encodes the updated
license token from the licensing library format to the vendor specific format.
The second module is invoked anytime the licensing library updates the
information in a license token.

Upon receiving the license token in the licensing library format, the
licensing library invokes routines which verify the correctness of the license
by reviewing the following license information stored in the token: (1) flag,
(2) maintenance contract date, (3) host name and domain, (4) product name, (5)
host id number, (6) license serial number, and (7) expiration date of license.
This is compared to the information maintained by the application. If the
information matches, the license is verified. After completing the
verification process, a routine in the licensing library is initiated which
checks out the license by decrementing the license units in license token by
the number of licensing units being checked out.

The decoding and encoding routines allow software vendors to implement their
own security mechanism to protect their licenses from unauthorized use even
though they reside at the customer's site.

Below is an example of a sample application using the licensing library and
the license access module written in C language:

    #define LIC_RENEWAL_TIME (60)            /* set renewal time for this session */
    #define EST_LIC_RENEWAL_TIME (LIC_RENEWAL_TIME * .9)

    NL_vendor_id NL_Vendor_id = 1223;        /* set vendor # */
    NL_prod_num  NL_Prod_num = "02";         /* set product # */
    NL_version   NL_Version = { "12/20/88", "1.0" };   /* set version id # */

    status = NL_init (NL_Vendor_id, NULL, &job_id);    /* initialize license service */
    if (status != NL_NO_ERROR)               /* accept job id if no error */
    {
        fprintf (stderr, "nl_init failed - error = %d\n",
                 status);                    /* error message if error and return */
        return;
    }

    units = 3;
    code_funcs.encode_p = nl_encode;         /* pointer to encode function */
    code_funcs.decode_p = nl_decode;         /* pointer to decode function */
    if (signal (SIGALRM, alarm_intr) == (void *) -1)   /* set alarm if no error */
    {
        perror ("Cannot get SIGALRM");       /* otherwise, error message */
        return;
    }

    status = NL_request (job_id, NL_Prod_num,          /* request a license */
                         &NL_Version,
                         units, LIC_RENEWAL_TIME, NL_L2_SRCH,
                         &code_funcs, NULL,
                         &req_handle, NULL, &app_info);
    if (status != NL_NO_ERROR)               /* no error, license checked out
                                                from license server */
    {
        fprintf (stderr, "nl_request failed - error = %d\n",
                 status);                    /* otherwise, error message */
        return;
    }

    /*
     * We got a license                      (license request successful)
     */
    alarm (EST_LIC_RENEWAL_TIME);            /* set alarm for license renewal time */

    /* Application Runs */                   /* runs application */

    status = NL_release (req_handle);        /* request to release a license */
    if (status != NL_NO_ERROR)
    {
        fprintf (stderr, "nl_release failed - error = %d\n",
                 status);                    /* otherwise, error messages */
        return;
    }

    int
    alarm_intr ()
    {
        status = NL_confirm (req_handle,     /* renew licensing unit with */
                             LIC_RENEWAL_TIME, NULL);  /* licensing server */
        /*
         * Verify vendor private information
         */
        if (status != NL_NO_ERROR)
            fprintf (stderr, "nl_confirm failed - error = %d\n",
                     status);                /* otherwise, error message */
        else
            puts ("license renewed");        /* successful license renewal */
    }
20 

The sample application given above is accompanied by self-explanatory 
annotation in the right margin of the code. Of particular interest 
are code_funcs.encode_p and code_funcs.decode_p. Encode_p and decode_p 
are pointers to the software vendor's encode and decode routines, 
respectively. Taking the pointers in the code_funcs variable, the licensing 
library can use the pointers to invoke the decoding and encoding routines in 
the license access module. The three major licensing library routines, request 
for a license (NL_request), release a license (NL_release) and renew a license 
(NL_confirm) invoke the decoding and encoding routines. For an example of a 
license access module, see Appendix 1. 
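
The check-out flow described above (the licensing library decodes the token through the vendor's decode_p, compares it with the application's own licensing information, decrements the units and re-encodes through encode_p), as an added example that is not the patent's code or its Appendix 1. The token layout, the names token_t, code_funcs_t, checkout and demo, and the XOR placeholder routines are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
/* Hypothetical token layout: the page does not define one. */
typedef struct { int vendor_id; char prod_num[4]; char version[8]; int units; } token_t;
typedef void (*code_fn)(unsigned char *buf, size_t n);
typedef struct { code_fn encode_p, decode_p; } code_funcs_t;  /* mirrors code_funcs */

/* Vendor's license access module. The XOR mask is a placeholder, not a cipher. */
static void demo_encode(unsigned char *buf, size_t n) {
    for (size_t i = 0; i < n; i++) buf[i] ^= 0x5A;
}
static void demo_decode(unsigned char *buf, size_t n) { demo_encode(buf, n); }

/* Licensing-library side: decode, compare with the application's own values,
 * decrement, re-encode. 0 = checked out, -1 = mismatch, -2 = too few units. */
int checkout(unsigned char *wire, const code_funcs_t *cf, const token_t *app, int want) {
    token_t t;
    int rc = 0;
    cf->decode_p(wire, sizeof t);
    memcpy(&t, wire, sizeof t);
    if (t.vendor_id != app->vendor_id ||
        strncmp(t.prod_num, app->prod_num, sizeof t.prod_num) != 0 ||
        strncmp(t.version, app->version, sizeof t.version) != 0)
        rc = -1;
    else if (want <= 0 || t.units < want)
        rc = -2;
    else
        t.units -= want;            /* check out: decrement the license units */
    memcpy(wire, &t, sizeof t);
    cf->encode_p(wire, sizeof t);   /* the token returns to the server encoded */
    return rc;
}

/* Constructed scenario: the server holds 5 units for vendor 1223, product "02",
 * version "1.0". Returns the units left after the checkout, or the error code. */
int demo(const char *app_prod, int want) {
    code_funcs_t cf = { demo_encode, demo_decode };
    token_t stored = { 1223, "02", "1.0", 5 }, app = { 1223, "", "1.0", 0 }, after;
    unsigned char wire[sizeof(token_t)];
    strncpy(app.prod_num, app_prod, sizeof app.prod_num - 1);
    memcpy(wire, &stored, sizeof wire);
    cf.encode_p(wire, sizeof wire); /* what the license server would transmit */
    int rc = checkout(wire, &cf, &app, want);
    cf.decode_p(wire, sizeof wire);
    memcpy(&after, wire, sizeof after);
    return rc == 0 ? after.units : rc;
}

int main(void) {
    printf("%d %d %d\n", demo("02", 3), demo("02", 6), demo("03", 1));
    return 0;
}
```

Because both routines are reached only through the two pointers, replacing the placeholder mask with a real cipher changes nothing in checkout.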



In implementing the license access module, the license server becomes 
merely a repository for license tokens. The licensing library coupled to the 
application performs the procedure of authenticating the license token prior to 
granting a license and therefore access to run the application. 

Because the level of security of the system is dictated by the license 
access module, the software vendors are free to make the license access 
module as simple or as complex as they desire. In particular, they are free to 
adopt any of the encryption schemes as part of their encryption routines. If the 
security mechanism is broken, and the encryption known to others, then the 
software vendors can easily remedy the situation by releasing a new version of 
the product with a new license access module. 


While the present invention has been particularly described with 
reference to Figures 1-4 as well as Appendix 1, and with emphasis on certain 
language in implementing a method to protect against the unauthorized use of 
software application in a computer network environment, it should be 
understood that they are for illustration only and should not be taken as 
limitation upon the invention. In addition, it is clear that the method of the 
present invention has utility in any application run in a computer network 
environment. It is contemplated that many changes and modifications may be 
made, by one skilled in the art, without departing from the spirit and scope of 
the invention disclosed above. 

CLAIMS 

1. In a computer network environment including a 
plurality of software applications licensed to run on at 
least one network of agents, said applications located on 
said agents wherein use of the application on a particular 
agent is permitted upon the grant of a license , said 
license being requested by a user from said agent of said 
applications, a system for protecting against the 
unauthorized use of said applications comprising: 

license token means for storing licensing 
information of said applications; license server means 
connected to said agents for communicating with said 
applications, said license server means having a database 
which stores said license token means, said license server 
means further retrieving said license token means from 
said database upon a request for a license by said 
applications, said license server means further 
transmitting said license token means to said 
applications; 

license access means connected to said agents 
for decoding and encoding said license token means from 
said license server means, said license access means being 
integrated with said applications, said license access 
means receiving said license token means from said license 
server means; and 

licensing library means connected to said agents 
for verifying said decoded license token means before 
access to said license is granted, said licensing library 
means being integrated with said applications. 

2. The system as defined in claim 1, wherein each 
said license token means containing licensing information 
for at least one version of each said applications. 

3. The system as defined in claim 1, wherein the 
contents of said license token means is encrypted. 

4. The system as defined in claim 1, wherein said 
license token means is passed between said license server 
means and said licensing library means for a predetermined 
time period. 

5. The license token means as defined in claim 4, 
wherein during said predetermined time period, only one 
said applications may check out one said license token 
means. 

6. The system as defined in claim 1, wherein said 
license server means receives said request for a license 
from said applications, said license server searches in 
said database for a license token means storing the 
license requested by said application before retrieving 
said license token means. 

7. The system as defined in claim 1, wherein said 
license access means decodes the contents of said license 
token means before said licensing library means verifies 
said license token means. 

8. The system as defined in claim 1, wherein said 
license access means encodes said license token means 
after said licensing library verifies said license token 
means and prior to returning said license token means to 
said license server means. 

9. The system as defined in claim 1, wherein said 
licensing library verifies said license token means by 
comparing the licensing information stored in said license 
token means with the licensing information maintained by 
said application. 

10. The system as defined in claim 1, wherein said 
licensing library means checks out said license of said 
application in response to a positive comparison of the 
license information. 

11. The licensing library means as defined in claim 
10, wherein said license for said application being 
checked out after said licensing library verifies said 
license token means. 

12. In a computer network environment including a 
plurality of software applications licensed to run on at 
least one network of agents, said applications located on 
said agents wherein use of the application on a particular 
agent is permitted upon the grant of a license, said 
license being requested by a user from said agent of said 
applications, a system for protecting against the 
unauthorized use of said applications comprising: 

license token means for storing licensing 
information of said applications; 

license server means connected to said agents 
for communicating with said applications, said license 
server means having a database which stores said license 
token means, said license server means further retrieving 
said license token means from said database upon a request 
for a license by said applications, said license server 
means further transmitting said license token means to 
said applications; 

license access means connected to said 
application and accessible from said agents for decoding 
and encoding said license token means from said license 
server means, said license access means being integrated 
with said applications; 

licensing library means connected to said 
application and accessible from said agents for verifying 
said decoded license token means before access to said 
license is granted, said licensing library means being 
integrated with said applications; and 

license binding means connected to said license 
server means and to said licensing library means for 
constructing a binding file, said binding file informing 
said licensing library means which of said license server 
means may grant a license to said application. 

13. The system as defined in claim 12, wherein said 
licensing library means are located on the same agents as 
said applications. 

14. The system as defined in claim 12, wherein said 
license server means are located on the same agents as said 
licensing library means. 

15. The system as defined in claim 12, wherein each 
said license token means contains licensing information 
for at least one version of each of said applications. 

16. The system as defined in claim 12, wherein the 
contents of said license means is encrypted. 

17. The system as defined in claim 12, wherein said 
license token means is passed between said license server 
means and said licensing library means for a predetermined 
time period. 

18. The license token means as defined in claim 17, 
wherein, during said predetermined time period, only one 
of said applications may check out one said license token 
means. 

19. The system as defined in claim 12, wherein said 
license server means further transmit said license token 
means to said licensing library means. 

20. The system as defined in claim 12, wherein said 
license access means decodes the contents of said license 
token means before said licensing library means verifies 
said license token means. 

21. The system as defined in claim 12, wherein said 
license access means encodes said license token means 
after said licensing library verifies said license token 
means and prior to returning said license token means to 
said license server means. 

22. The system as defined in claim 12, wherein said 
license binding means constructs said binding file by 
contracting each said license server means to request for 
a list of applications it serves, said binding file 
containing said list of applications available from said 
license server means. 

23. In a computer network environment including a 
plurality of software applications licensed to run on at 
least one network of agents, said applications located on 
said agents wherein use of the application on a particular 
agent is permitted upon the grant of a license, said 
license being requested by a user from said agent of said 
applications, a system for protecting against the 
unauthorized use of said applications substantially as 
hereinbefore described with reference to the accompanying 
drawings. 